Key management systems at the cloud scale

Matthew Campagna, Shay Gueron

Research output: Contribution to journal › Article › peer-review


This paper describes a cloud-scale encryption system. It discusses the constraints that shaped the design of Amazon Web Services’ Key Management Service, and in particular, the challenges that arise from using a standard mode of operation such as AES-GCM while safely supporting huge amounts of encrypted data that is (simultaneously) generated and consumed by a huge number of users employing different keys. We describe a new derived-key mode that is designed for this multi-user-multi-key scenario typical at the cloud scale. Analyzing the resulting security bounds of this model illustrates its applicability for our setting. This mode is already deployed as the default mode of operation for the AWS key management service.

Original language: English
Article number: 23
Pages (from-to): 1-16
Number of pages: 16
Issue number: 3
State: Published - Sep 2019

Bibliographical note

Publisher Copyright:
© 2019 by the authors. Licensee MDPI, Basel, Switzerland.


  • Cloud computing
  • Key management

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Networks and Communications
  • Computer Science Applications
  • Software
  • Applied Mathematics


